[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] I think I have the new RPC Dcom sploit.
- To: Jarrod SMith <SirSlappy@xxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] I think I have the new RPC Dcom sploit.
- From: Don Bailey <dbailey27@xxxxxxxxxxxxx>
- Date: Fri, 16 Apr 2004 05:03:49 -0400
An obvious fake.
Everyone knows my code comes standard with a huge header, that
would take at least a day to read. Even for code such as this, I
absolutely *must* document the obscure 'L', 'O' and 'L' statement
in order to clearly exemplify my reasoning.
As the ominous (insert spooky music and/or shivers here) the_ut
recently lamented: "his code is always didactic". Indeed it is,
jimothy jones. Indeed, it is.
Everybody thank the number 943 and the letters E, P and S for
this hilarious spoof.
Happy belated April Fool's day, apparently! :-)
north_
/*
rpcdcom 5 remote LOCALSYSTEM exploit for winnt, 2k, xp, 2k3
2004.04.15
(C) northern snowfall & SUPERrell
targets for EN, DE, EE, CN locales
*/
#include <winsock2.h>
#include <stdio.h>
#include <windows.h>
#include <process.h>
#include <string.h>
#include <winbase.h>
unsigned char requestBind[] = {
'L', 'O', 'L'};//fuckingtelnet :P
////////////////////////////////////////////////////////////////////////
//#define abort(x) { printf(x); exit(1); }
//#define lprintf(...) {xlprintf(__LINE__,__FILE__);}
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html